I remember someone quipped that every program always has at least one bug left, and every program could be optimized to be smaller.

It follows then that with a sufficiently good optimizer every program can be reduced to a single wrong instruction.
Sometimes I start to feel like I'm pretty good at what I do.

Then I read one of Raymond's investigations like this and realise I'm still not that good.
I love this comment:

"So at least it's nice that this rogue code was compiled with stack buffer overflow protection. Can't be too careful."
Could someone explain to me: it's not *actually* crashing on its first instruction, I take it?

Why does it appear to be crashing on the first instruction?

Did the malware mess with the main thread's code, so that the first instruction of the main thread was the invalid write instruction?

But then the malware thread must have run first somehow, no? (Since that thread is in the same process.)

I think I followed the article generally, but I don't understand what actual sequence of events might have taken place that resulted in this report of "crashed on first instruction."
I guessed wrong from the title. I was expecting a C/C++ programmer who tried to stick too much stuff on the stack and crashed immediately on start. That's usually the case when someone asks me why their previously working program doesn't even make it to the first instruction.